Job details

Governance and Compliance Manager - Porto M/F

International • Permanent contract (CDI) • Updated 20/06/16

Bullet points

  • 10+ years' experience in an InfoSec GRC role.
  • Past/proven experience managing a team of staff

About our client

Euronext is the primary exchange in the Euro zone, with more than 1 300 listed issuers worth close to €3.0 trillion in market capitalization as of end March 2016. Euronext operates regulated and transparent equity and derivatives markets. The company also leverages its expertise in running markets by providing technology and managed services to third parties. Euronext has set up a new technology service center in Porto to manage IT operations and development, security and finance in conjunction with existing Paris-based teams.

Job description

  • Assisting with the strategic alignment of information security with the business strategy.
  • Assisting with the implementation and maintenance of the Information Security Programme.
  • Assisting with efforts to align internal security practices with industry best practices and security frameworks commensurate with strategy and the expectations of our clients and regulators.
  • Assisting with risk assessments and the risk management process by executing appropriate measures to manage and mitigate risks thus reducing the potential impact on information processing resources and assets.
  • Ensure the Information Security Risk register is up to date, tracked, and presented on a regular basis to management. Working through action plans to conclusion with all stakeholders.
  • Assisting with audit activities whether orchestrated internally or externally by a third party.
  • Managing InfoSec engagement affairs and resource handling across the InfoSec team.
  • Performance measurement by measuring, monitoring and reporting information security governance metrics to ensure that organisational objectives are achieved and evidenced.
  • Assisting with compliance matters or conflicts of interest relating to communicated Policy, Standards, Procedures, and Guidelines.
  • Managing the overall GRC state of all new projects and initiatives, including ownership of the In-Take process for the Information Security Department.
  • Assisting in the drafting and preparation of departmental security document sets.
  • Keeping track of policy and standards exceptions and the risks aligned to them.
  • Keep abreast of new risks and trends in the threat landscape that may need to be addressed within information security policies, procedures and standards.
  • Exhibit a broad knowledge of security compliance and auditing frameworks and apply those to formulate policies, procedures and standards.
  • The delivery of ongoing security awareness and training through various tools and workshops.

Candidate profile

  • 10+ years' experience in an InfoSec GRC role.
  • Experience within the financial sector will be a considerable benefit.
  • Past/proven experience managing a team of staff
  • Ability to work with matters of a departmental nature relating to financials and budgets, etc.
  • Established background in Information Security Risk
  • Established background in IT / Information Security Audit
  • Strong background and knowledge of working with and implementing international security standards and frameworks, such as ISO27001, ISO27002, ISO27005, NIST, etc.
  • Strong stakeholder management skills
  • The ability to interface across the organization with other teams and managers of all levels
  • Analytical, judgment, and decision making skills
  • Project management skills
  • Ability to deliver security education and awareness training sessions and material
  • Excellent written and verbal communications skills.
  • Excellent organisational skills.
  • Must be able to work well under pressure and prioritise workload appropriately
  • Must be able to work well alone or as part of a team
  • Ability to adjust to changing priorities while multitasking effectively.
  • Ability to articulate complex security and privacy concepts to business users.
  • Ability to communicate with clients in a professional manner.
  • Working / technical knowledge of IT infrastructure and security specific controls.
  • Desirable security industry certifications include CISSP, CISM, CISA, CRISC, CGEIT

Conditions and benefits

Not disclosed

Apply for this job

Click Apply, LinkedIn or Viadeo below. Job reference: 31577. Your application will be sent to Andreia Pereira.